RealTime IT News

IBM, VeriSign Ink Internet Security Pact

Tech firms continue to batten the hatches on security and Armonk, N.Y.'s IBM Corp. and Mountain View, Calif.'s VeriSign Inc. proved no different Tuesday as the firms inked a comprehensive agreement to help ensure trusted commerce and communications over the Internet.

The deal, for which financial terms have not been made public, is multi-year, and will span technology, services and marketing. Not surprisingly, it's aimed at attracting the enterprise to its security offerings as the two companies have agreed to develop and market a new Entitlements Management Service based on VeriSign's managed public key infrastructure (PKI) services and technology and Tivoli Policy Director, IBM's security management and access control software.

In a teaming of technology whose purpose sounds not unlike Microsoft Corp.'s highly-touted PassPort, the new service will combine online authentication, Web single sign-on, digital credentialing and signatures, authorization and policy management.

Moreover, the firms will collaborate on Web services standards, including VeriSign's XML key management system (XKMS) and Security Assertion Markup Language (SAML), a specification developed by OASIS' Security Services Technical Committee (SSTC) to create a standard for exchanging authentication and authorization information throughout a Web-based transaction across organizational domains. Specifically, IBM plans to embed XKMS and leverage SAML in Tivoli Policy Director. This process would enable seamless XML interfaces with VeriSign's managed PKI and other trust services.

In terms of creating global awareness, IBM's Global Services Group and VeriSign's Consulting Services Group will work to provide managed services and support for companies deploying PKI technology. Lastly, VeriSign will use certain IBM server and software in its IT operations.

Rusine Mitchell-Sinclair, general manager of Safety and Security Services at IBM, called the alliance a turning point in Web services.

"Our alliance will present customers with an unprecedented combination of infrastructure services and security solutions to securely transact e-business," Mitchell-Sinclair.

The deal would certainly seem to fit under its " two-pronged approach," announced last November, whereby it will align security offerings within its IBM Global Services Practice and create a new Global Solutions Office to address "broader" security issues.